Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

HTTP 400 when using jwt

See original GitHub issue

Describe the bug

If i enable jwt (which is enabled for web ui by default) i always get a 400 bad request reponse whenever i try to use the jwt auth token. There is no log entry for the request.

To Reproduce

configure bitbucket-server as auth
push a package
login to webui
view browser console for 400 error

Expected behavior jwt auth should just work with any auth module

Screenshots If applicable, add screenshots to help explain your problem.

Docker || Kubernetes (please complete the following information):

Docker verdaccio tag: [e.g. verdaccio:4.x]
Docker commands [e.g. docker pull …]
Docker Version [e.g. v18.05.0-ce-rc1] 18.09.9 / Rancher v1.6.28

https://github.com/VisualOn/docker-images/tree/master/docker/verdaccio

Configuration File (cat ~/.config/verdaccio/config.yaml)

storage: /verdaccio/storage/data
plugins: /verdaccio/plugins

web:
  title: Verdaccio

auth:
  bitbucket-server:
    url: "http://server.bitbucket:7990"
    allow: "stash-users" # optional; default = ""

# a list of other known repositories we can talk to
uplinks:
  npmjs:
    url: https://registry.npmjs.org/
  pkg:
    url: https://server.proget/npm/vo-npm/

packages:
  '@vo/*':
    # scoped packages
    access: $authenticated
    publish: $authenticated
    unpublish: $authenticated
    proxy: pkg
    storage: vo
    
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
    storage: npmjs

  '**':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs    
    storage: npmjs

middlewares:
  audit:
    enabled: true

# log settings
logs:
  - { type: stdout, format: pretty, level: http }
  - { type: file, path: /verdaccio/storage/verdaccio.log, format: pretty-timestamped, level: debug }

experiments:
  # support for npm token command
  token: true

Environment information

System: OS: Linux 5.0 Alpine Linux undefined CPU: (8) x64 AMD Opteron™ Processor 6380 Binaries: Node: 10.16.3 - /usr/local/bin/node Yarn: 1.17.3 - /usr/local/bin/yarn npm: 6.9.0 - /usr/local/bin/npm

Debugging output

$ NODE_DEBUG=request verdaccio display request calls (verdaccio <–> uplinks)
$ DEBUG=express:* verdaccio enable extreme verdaccio debug mode (verdaccio api)
$ npm -ddd prints:
$ npm config get registry prints:

Additional context

Issue Analytics

State:
Created 4 years ago
Comments:19 (8 by maintainers)

Top GitHub Comments

2reactions

DanielRufcommented, Dec 30, 2019

Sounds good. Please let us know then what we can do to prevent or help others with this issue in the future (either by documenting it or solving it in verdaccio).

1reaction

viceicecommented, Dec 30, 2019

Not yet, sorry. Have a lot of other work to do. Maybe i can try it next year (begining).